Hackers have found a way to steal bitcoins from the Lightning Network
Researchers have discovered a vulnerability in the Bitcoin Lightning network.
Flood is a hacker attack with a lot of requests.
Research findings shared with developers of three major versions of Lightning.
International consortium of news organizations developing transparency standards.
Lightning Network Vulnerable to Flood Attack & Loot that can empty bitcoin wallets
Two Bitcoin Researchers Say They Found A Way To Steal Coins From Bitcoin Lightning Network.
In the article “Flood & Loot: A Systematic Attack On the Lightning Network ”, dedicated to the study of systematic attacks on the Lightning Network, researchers Yona Harris and Aviv Zohar from the University of Jerusalem, Israel, discovered that attackers could use system flaws to withdraw funds from wallets.
How the Lightning Network attack works?
The Bitcoin Lightning Network is a payment protocol powered by the Bitcoin blockchain. It is designed to make transactions faster and cheaper by partially confirming them, since it can take a long time to fully confirm transactions..
Lightning Network users can send payments through intermediate nodes. And these nodes can try to steal bitcoins, but for this they will only have a short period of time. However, hackers can increase the time interval by resorting to flooding..
In an attack detailed by two researchers, “the attacker forces victims to send multiple requests to the blockchain simultaneously to receive their funds.
What About Hacking Bitcoin? Possible? | 51% Attack, Mt. Gox & Ledger | Debunking Bitcoin Problems
He can then take advantage of the resulting congestion to steal funds that were not claimed before the deadline. “.
Add to our telegram channel and stay up to date with all events in the cryptocurrency industry.
Is it possible to prevent the attack?
Researchers have found that an attacker must attack 85 channels simultaneously to make money. At the same time, finding a victim is quite easy. All vulnerable nodes must be “ready to open the channel” along with the attacker.
“We found that the vast majority of active nodes (~ 95%) are ready to open a channel on demand and therefore risk becoming victims of our attack,” they wrote.
How can the problem be solved? You need to close channels early, fix weaknesses, make it harder for hackers to send spam, and develop a way to detect hackers before attacking.
However, they also added, “We believe the exploitation of the vulnerabilities has a lot to do with the way [Lightning works] and therefore cannot be completely avoided without major changes.”.
Before publishing the study, the authors shared their work with the developers of the three major versions of Lightning. It also remains to be seen whether it is possible to develop protection against attack.
All information contained on our website is published in good faith and objectivity, and for informational purposes only. The reader is solely responsible for any actions he takes based on the information received on our website..